CVE-2021-21287: Server-Side Request Forgery (SSRF)

February 1, 2021 (updated February 5, 2021)

MinIO is vulnerable to server-side request forgery vulnerability. As a workaround you can disable the browser front-end with MINIO_BROWSER=off environment variable.

References

nvd.nist.gov/vuln/detail/CVE-2021-21287

Code Behaviors & Features

Detect and mitigate CVE-2021-21287 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →